package io.afu.ssoclient.aop.impl;


import io.afu.ssoclient.aop.annotation.PermissionApi;
import io.afu.ssoclient.config.SSOClientProperties;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.lang.reflect.Method;

/**
 * @author RffanLAB.方露宇
 * @version 0.1
 */
@Aspect
@Component
@EnableConfigurationProperties(value = SSOClientProperties.class)
public class PermissionApiImpl {

    @Resource
    SSOClientProperties properties;

    @Pointcut(value = "@annotation(io.afu.ssoclient.aop.annotation.PermissionApi)")
    private void cutPermission() {

    }

    @Around("cutPermission()")
    public Object doPermission(ProceedingJoinPoint point) throws Throwable {
        MethodSignature ms = (MethodSignature) point.getSignature();
        Method method = ms.getMethod();
        PermissionApi permission = method.getAnnotation(PermissionApi.class);
        ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = servletRequestAttributes.getRequest();
        String token = request.getHeader("token");
        if (token == null || token.equals("")) {
            HttpServletResponse response = servletRequestAttributes.getResponse();
            PrintWriter writer = response.getWriter();
            writer.write("");
            writer.flush();
        }else {
            String authic = permission.roleLevel();

            // 开始进行token验证
            // 获取用户信息
            // 获取注解上标识的用户权限的信息
            // 判断是否成功
        }

        return point.proceed();
    }




}
